Email backup, email archiving: what’s the difference, and why shouldn’t businesses just rely on one or the other? We explain.
Email is alive and well – and growing!
The daily business email volume worldwide will increase from 112.5 billion in 2015 to 128.8 billion in 2019, according to this downloadable report from The Radicati Group.
So there’s an enormous challenge involved in ensuring copies of emails are retained in a manner that both enables them to be quickly accessed in order to support ‘business as usual’ activities, but delivers more extensive and detailed transparency for the purposes of regulatory compliance.
This is the essential difference between email backup and email archiving. Email backup is largely about business continuity, whereas email archiving is largely about protecting a business’s ‘licence to operate’.
Email archiving: a matter of legal record
Email archiving and email backup are two very different beasts – and here’s why.
Email archiving focuses on retaining emails and associated data to ensure legal and regulatory compliance.
Archiving solutions can therefore hold many years’ worth of data demanded by compliance requirements, even for heavily regulated industries like healthcare, banking and finance, pharma, and so on. Email backup does not retain data this long.
Also, email archiving can hold a 100% faithful copy of the email that has been received or sent, because it retains even deleted mails, which backup does not.
Lastly, email backup typically has very granular tools to satisfy compliance requirements around considerations like access control, audit trails, content integrity, and so on – not something you’d typically find in a backup solution.
As an example, take a look at the features in the Libraesva Email Archiver. You’ll see a whole host of refinements that email backup doesn’t offer, including, amongst others:
- 80 separate permissions to create finely differentiated user roles and restrict access to sensitive information (important for GDPR compliance!)
- Trusted time-stamping of each email, to securely keep track of creation and modification times
- Legal hold, to freeze email and data pending litigation or investigation
- Anti-tampering, to prevent retrospective adulteration of email content and data
Email backup: copy, restore, recover
The objective of email backup, on the other hand, is to easily recover and restore email that is essential to business activity, when that email has either been deleted or made inaccessible in some other way (e.g. by file corruption, deactivation of a leaver’s account, or even a ransomware attack.)
It can be tempting for businesses to convince themselves they don’t really need this service. After all, with cloud services like Office 365, G-Suite and others, isn’t email already backed up - and in some of the most robust data centres in the world?
Actually, no. Once the recycle bin is manually or automatically purged (and that can be after as little as 30 days) the data is gone…forever.
It follows, then, that cloud services still need backup sitting behind them somewhere, and the most readily accessible place to put it is elsewhere in the cloud (cloud-to-cloud backup).
So, for example, a solution like Cloud Ally will back up all the emails (and other data) contained in cloud services like Office 365 Exchange, Sharepoint Online, OneDrive, SalesForce, G-Suite, Box and others) to a cloud-based AWS S3 data centre that is ISO 27001-certified - and indeed to other user-owned storage too.
This process is automated, enabling a business to easily recover backed-up email long after the cloud service providers would have junked it.
So why do businesses need both email backup and email archiving?
Clearly, email backup and email archiving share some DNA.
But neither is a substitute for the other. In fact both, used incorrectly, are risky, and can put the brakes on businesses’ productivity.
Email archiving boasts powerful storage, search and retrieval powers, but for most everyday users - whose emphasis is simply on being able to find and restore email content and attachments, rather than delivering them as legal records in an approved regulatory format – it’s unnecessarily sophisticated to learn and use.
By the same token, the snapshots generated by email backup solutions, whilst typically simple for users to navigate and restore, do not offer the same historical completeness as email archiving – and any attempt to make them do so in answer to a regulatory investigation or similar would entail many hours’ work manually stitching the snapshots together.
Two sides of the same coin? Perhaps. But businesses need both in the bag, or they could end up paying a hefty price - operationally, reputationally, and in the law courts!